package edu.utils;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.Base64;

public class PasswordUtils {

    // 使用管理员输入的盐值生成哈希
    public static String hashPassword(String password, String salt) {
        try {
            MessageDigest md = MessageDigest.getInstance("SHA-256");
            md.update(salt.getBytes());
            byte[] hashedBytes = md.digest(password.getBytes());
            return Base64.getEncoder().encodeToString(hashedBytes);
        } catch (NoSuchAlgorithmException e) {
            throw new RuntimeException("哈希算法不存在", e);
        }
    }

    // 验证密码：输入密码 + 盐 + 数据库存的哈希密码
    public static boolean verifyPassword(String inputPassword, String salt, String storedHashedPassword) {
        String hashedInput = hashPassword(inputPassword, salt);
        return hashedInput.equals(storedHashedPassword);
    }
}